Sha256: 595b07b0147c0601f25eb3530073d64dd68eb615f248cf62c60f7364077e3434

Contents?: true

Size: 662 Bytes

Versions: 6

Compression:

Stored size: 662 Bytes

Contents

rule_set :icmp_protection do

  accept :protocol  => :icmp,
         :icmp_type => 'echo-reply',
         :comment   => "allow us to receive ping responses"


  interfaces[:external].each do |interface|
    from_each_address(allowed_from) do |address|
      accept :protocol  => :icmp,
             :icmp_type => 'echo-request',
             :interface => interface,
             :remote_address => address,
             :limit   => '1/s',
             :comment => "allow icmp from #{address}"
    end

    drop :protocol  => :icmp,
         :interface => interface,
         :comment   => "drop any icmp packets that haven't been explicitly allowed"
  end
end

Version data entries

6 entries across 6 versions & 1 rubygems

Version Path
asbestos-0.0.9 lib/asbestos/rule_sets/icmp_protection.rb
asbestos-0.0.8 lib/asbestos/rule_sets/icmp_protection.rb
asbestos-0.0.7 lib/asbestos/rule_sets/icmp_protection.rb
asbestos-0.0.6 lib/asbestos/rule_sets/icmp_protection.rb
asbestos-0.0.5 lib/asbestos/rule_sets/icmp_protection.rb
asbestos-0.0.4 lib/asbestos/rule_sets/icmp_protection.rb